Banning with basic auth and Fail2Ban

With only basic auth on your apps, nothing stops people from trying to brute-force their way in. With Fail2ban in place, you can give the user or intruder x retries before they get banned.

Creating the .htpasswd file

Exec into your container and create the .htpasswd file.

Use this command to create a .htpasswd file. Just drop the docker part if you don’t use Docker.

Note: The ignore IP is there so that fail2ban won’t ban your local IP.
Check out https://www.aelius.com/njh/subnet_sheet.html if you are wondering what your CIDR notation is. Most often it will be /24 (netmask 255.255.255.0).
To find your netmask, run ipconfig /all on Windows or ifconfig | grep netmask on Linux.

The logpath is the path to your nginx error log.

You also need to create a file called nginx-http-auth.conf in the filter.d folder in the fail2ban directory.
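
The following Python example is added here and is not from the original post or from fail2ban itself; it models how the settings named above (the ignore IP range, the retry limit, and the nginx error log as logpath) lead to a ban decision. The regex is a simplified stand-in for the nginx-http-auth filter, and the maxretry and findtime defaults, the log lines and the .htpasswd path are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Simplified stand-in for the nginx-http-auth filter (assumption, not the
# shipped regex): the two messages nginx logs when basic auth fails.
AUTH_FAIL = re.compile(
    r'^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[error\] .*?'
    r'user "[^"]*"(?:: password mismatch| was not found in "[^"]*")'
    r', client: (?P<ip>[0-9a-fA-F.:]+),')

def find_bans(lines, ignoreip, maxretry=3, findtime=timedelta(minutes=10)):
    """Return IPs that reach maxretry auth failures within findtime."""
    ignored = [ipaddress.ip_network(n, strict=False) for n in ignoreip]
    recent = defaultdict(list)  # ip -> failure timestamps still in the window
    banned = []
    for line in lines:
        m = AUTH_FAIL.match(line)
        if not m:
            continue  # not a basic-auth failure (e.g. a missing file)
        ip = ipaddress.ip_address(m.group("ip"))
        if any(ip in net for net in ignored):
            continue  # addresses in the ignore range are never counted
        ts = datetime.strptime(m.group("ts"), "%Y/%m/%d %H:%M:%S")
        recent[ip] = [t for t in recent[ip] if ts - t <= findtime] + [ts]
        if len(recent[ip]) >= maxretry and str(ip) not in banned:
            banned.append(str(ip))
    return banned

def _log(ts, ip, msg):  # builds one constructed error-log line
    return (f'2024/05/01 {ts} [error] 31#31: *1 {msg}, client: {ip}, '
            'server: _, request: "GET / HTTP/1.1", host: "example.test"')
BAD_PW = 'user "admin": password mismatch'
NO_USER = 'user "root" was not found in "/etc/nginx/.htpasswd"'  # constructed
SAMPLE_LOG = [  # constructed sample data
    _log("10:00:01", "203.0.113.7", BAD_PW),
    _log("10:00:02", "192.168.1.20", BAD_PW),
    _log("10:00:03", "203.0.113.7", NO_USER),
    _log("10:00:04", "192.168.1.20", BAD_PW),
    _log("10:00:05", "203.0.113.7", 'open() "/srv/x" failed (2: No such file)'),
    _log("10:00:06", "203.0.113.7", BAD_PW),
    _log("10:00:07", "192.168.1.20", BAD_PW),
    _log("10:00:10", "198.51.100.9", BAD_PW),
    _log("10:20:30", "198.51.100.9", BAD_PW),
    _log("10:20:40", "198.51.100.9", BAD_PW),
]
if __name__ == "__main__":
    print(find_bans(SAMPLE_LOG, ["127.0.0.1/8", "192.168.1.0/24"]))
```

With the /24 in the ignore list only 203.0.113.7 is banned; without it, the local client 192.168.1.20 would be banned after its third failed login.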